Changeflow GovPing Government ICO Guidance on Subject Access Requests
Routine Guidance Added Final

ICO Guidance on Subject Access Requests

Favicon for ico.org.uk ICO GDPR Guidance
Detected February 6th, 2026
Email

Summary

The UK Information Commissioner's Office (ICO) has published guidance on subject access requests (SARs) under GDPR. The guidance is aimed at large businesses in the public, private, and third sectors, with resources also available for small businesses.

View original document View source feed page

What changed

The Information Commissioner's Office (ICO) has released updated guidance concerning subject access requests (SARs) under the UK GDPR. This guidance, available on the ICO's website, provides detailed information for organizations on how to recognize, respond to, and manage SARs, including when information can be withheld or a request refused. It also directs users to self-service tools, quick reference guides, and training videos.

Organizations, particularly large businesses in the public, private, and third sectors, should review this guidance to ensure their SAR handling processes are compliant with current data protection regulations. While this guidance is non-binding, adherence is crucial for managing data subject rights effectively and avoiding potential regulatory scrutiny. Small businesses are directed to separate resources tailored to their needs.

Source document (simplified)

Subject access requests (also known as SARs or right of access)

The guidance on this page is suitable for large businesses in the public, private and third sectors. Small businesses should use the resources on our small business web hub.

Help and support

Subject access request self service

Use this tool to get answers to your questions about subject access requests (SARs).

Find the right subject access request resources

A quick reference guide to help you find the content you need on each subject access request topic.

Brief guidance

A guide to subject access requests

Brief guidance about SARs including information about how to recognise and respond to a request, finding and providing the information and when you can withhold information or refuse a request.

Detailed guidance

Subject access requests (SARs, right of access)

What is a subject access request (SAR), how to recognise them, when and how to respond to them, when you can withhold information or refuse a request and how to manage health, social work and education information in relation to SARs

Resources

Training videos: individual rights

Recordings of ICO staff training on individual rights including subject access, available for you to reuse.

Related changes

Favicon for ico.org.uk ICO Open Letter to Tech Firms on Age Checks and Child Data Protection
Priority review Mar 12, 2026 ICO News & Blogs Data Protection
Favicon for ico.org.uk ICO Fines Police Scotland £66,000 for Data Mishandling
Priority review Mar 11, 2026 ICO News & Blogs Data Protection
Favicon for ico.org.uk ICO Upholds FOI Complaint Against NHS Trust
Priority review Mar 10, 2026 ICO Decision Notices Data Protection
Favicon for www.pcpd.org.hk Hong Kong PCPD Arrests Two for Suspected Doxxing
Urgent Mar 13, 2026 PCPD Media Statements (HK) Data Protection
Favicon for www.pcpd.org.hk Global Privacy Authorities Joint Statement on AI-Generated Imagery
Priority review Mar 13, 2026 PCPD Media Statements (HK) Data Protection
Favicon for www.pcpd.org.hk Privacy Commissioner Reports 2025 Work and Data Security Incidents
Priority review Mar 13, 2026 PCPD Media Statements (HK) Data Protection

Source

Favicon for ico.org.uk
ICO GDPR Guidance ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources
Government
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Information Commissioner's Office
Instrument
Guidance
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Employers Public companies Nonprofits
Geographic scope
UK

Taxonomy

Primary area
Data Privacy
Operational domain
Compliance
Topics
GDPR Individual Rights

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Government alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when ICO GDPR Guidance publishes new changes.

Free. Unsubscribe anytime.